create-light-module
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill suggests the installation of the @anthropic/magnolia-cli package via npm, which is associated with a trusted organization.
- [COMMAND_EXECUTION]: The skill provides instructions for using the mgnl command-line tool to automate the scaffolding of Magnolia CMS light modules on the local file system.
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection during the module creation process. Ingestion points: User-provided module names and configuration parameters are used to generate file paths and content. Boundary markers: No delimiters or protective instructions are used to separate user input from generated file content. Capability inventory: The skill performs local file system write operations, including directory creation and file generation. Sanitization: No explicit validation or sanitization of input strings is documented before they are incorporated into the module structure.
Audit Metadata